By default, when you deploy NetScaler CPX in the Kubernetes cluster, it replaces the Kubernetes kube-proxy, which provides basic load balancing functionality. When NetScaler CPX replaces kube-proxy, in addition to the load balancing functionality, you can use the NetScaler Management and Analytics System (MAS) for:

Visibility into the application environment in the cluster

Managing and monitoring the NetScaler CPX instances in the cluster

Using the Stylebooks feature to simplify the task of managing complex NetScaler configurations for your applications

After you have deployed the Kubernetes cluster, you must integrate the cluster with NetScaler MAS by providing the details of the Kubernetes environment in NetScaler MAS. NetScaler MAS monitors the changes in Kubernetes resources, such as services, endpoints, and Ingress rules.

When you deploy a NetScaler CPX instance in the Kubernetes cluster, it automatically registers with NetScaler MAS. As part of the registration process, NetScaler MAS learns about the NetScaler CPX instance IP address and the port on which it can reach the instance to configure it by using NITRO REST APIs.

The Stylebook engine in NetScaler MAS processes all the information that NetScaler MAS collects from Kubernetes, such as services, endpoints, and Ingress rules. Using an existing provisioned Stylebook (com.citrix.adc.stylebooks/1.0/cs-lb-mon), the Stylebook engine generates NetScaler-specific configurations, such as the virtual servers and service groups required for load balancing, and applies the configurations to the NetScaler CPX instances. For more information about Stylebook, see Stylebooks.

The following figure shows how NetScaler CPX load balances east-west traffic flow in a Kubernetes cluster.

In this example, Node 1 and Node 2 of the Kubernetes cluster contain instances of a front-end service and a back-end service. When the NetScaler CPX instances are deployed in Node 1 and Node 2, the NetScaler CPX instances are automatically registered with NetScaler MAS. You must manually integrate the Kubernetes cluster with NetScaler MAS by configuring the Kubernetes cluster details in NetScaler MAS.

When a client requests the front-end service, the ingress resource load balances the request between the instances of the front-end service on the two nodes. When an instance of the front-end service needs information from the back-end services in the cluster, it directs the requests to the NetScaler CPX instance in its node. That NetScaler CPX instance load balances the requests between the back-end services in the cluster, thereby providing east-west traffic flow.

Deploying a NetScaler CPX Instance on a Node in Kubernetes Cluster

You can deploy NetScaler CPX instances as Kubernetes pods on the nodes in a Kubernetes cluster. A NetScaler CPX instance can be deployed as a daemon set or as a manifest.

Daemon set – Deploying a NetScaler CPX instance as a daemon set resource enables you to deploy a NetScaler CPX instance as a pod in the node and also ensures that a NetScaler CPX instance is deployed on new nodes that join the Kubernetes cluster. When a new node joins the cluster, the NetScaler CPX instance specified in the daemon set is installed automatically on the node.

Manifest – A Kubernetes manifest is a YAML or JSON formatted file containing Kubernetes object deployment and configuration instructions. You can create a Kubernetes manifest of a NetScaler CPX instance and place it in a particular directory on the nodes. A kubelet on every node monitors this directory and creates objects, that is, NetScaler CPX instances, as specified by the manifest.

A NetScaler CPX specific environment variable that allows you to specify that the NetScaler CPX instance is started in host mode. After the instance starts in host mode, it configures 4 default iptables rules on the host machine for management access to the instance. It uses the following ports: 9995 for HTTP, 9996 for HTTPS, 9997 for SSH, and 9998 for SNMP. If you want to specify different ports, you can use the following environment variables: -e NS_HTTP_PORT, -e NS_HTTPS_PORT, -e NS_SSH_PORT, and -e NS_SNMP_PORT.

A NetScaler CPX specific environment variable that describes the NetScaler MAS server IP address. When the NetScaler CPX instance is deployed, it automatically registers with the NetScaler MAS server at this IP address.

A NetScaler CPX specific environment variable specifying whether the NetScaler CPX container is run in non-IP-per-container mode. Be sure to set the value to FALSE.

name: "KUBERNETES_TASK_ID"

Identifies the NetScaler CPX ID in the Kubernetes cluster.

imagePullPolicy

Specifies how Kubernetes pulls the image.

Deploying a NetScaler CPX Instance Using a Manifest

A Kubernetes manifest is a YAML or JSON formatted file containing Kubernetes object deployment and configuration instructions. You can create a Kubernetes manifest of a NetScaler CPX instance and place it in a particular directory on the nodes. A kubelet on every node monitors this directory and creates objects, that is, NetScaler CPX instances, as specified by the manifest.

A NetScaler CPX specific environment variable that allows you to specify that the NetScaler CPX instance is started in host mode. After the instance starts in host mode, it configures 4 default iptables rules on the host machine for management access to the instance. It uses the following ports: 9995 for HTTP, 9996 for HTTPS, 9997 for SSH, and 9998 for SNMP. If you want to specify different ports, you can use the following environment variables: -e NS_HTTP_PORT, -e NS_HTTPS_PORT, -e NS_SSH_PORT, and -e NS_SNMP_PORT.

A NetScaler CPX specific environment variable that describes the NetScaler MAS server IP address. When the NetScaler CPX instance is deployed, it automatically registers with the NetScaler MAS server at this IP address.

A NetScaler CPX specific environment variable specifying whether the NetScaler CPX container is run in non-IP-per-container mode. Be sure to set the value to FALSE.

name: "KUBERNETES_TASK_ID"

Identifies the NetScaler CPX ID in the Kubernetes cluster.

imagePullPolicy

Specifies how Kubernetes pulls the image.
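
The host-mode management ports described in both deployment sections above can be resolved from a manifest before it is applied, so that node firewall policy covers exactly the ports the instance will open. The following is an added example, not Citrix code: it assumes a JSON manifest and a container started in host mode, and the sample manifest, the image placeholder, and the function names are constructed for illustration.

```python
import json

# Defaults and override variables exactly as listed on this page.
DEFAULTS = {"HTTP": 9995, "HTTPS": 9996, "SSH": 9997, "SNMP": 9998}
OVERRIDES = {"NS_HTTP_PORT": "HTTP", "NS_HTTPS_PORT": "HTTPS",
             "NS_SSH_PORT": "SSH", "NS_SNMP_PORT": "SNMP"}

def effective_ports(container):
    """Apply any NS_*_PORT overrides in the container's env to the defaults."""
    ports = dict(DEFAULTS)
    for var in container.get("env", []):
        service = OVERRIDES.get(var.get("name"))
        if service and var.get("value") is not None:
            ports[service] = int(var["value"])
    return ports

def audit(manifest_json):
    """Return {container name: (ports, findings)} for a pod or daemon set manifest.

    Assumes every container is started in host mode (assumption of this example).
    """
    doc = json.loads(manifest_json)
    spec = doc["spec"]
    # A daemon set nests the pod spec under spec.template.spec; a pod does not.
    pod_spec = spec["template"]["spec"] if "template" in spec else spec
    results = {}
    for c in pod_spec["containers"]:
        ports, findings, seen = effective_ports(c), [], {}
        for service, port in ports.items():
            if not 1 <= port <= 65535:
                findings.append(f"{service}: {port} is not a valid port")
            if port in seen:
                findings.append(f"{service} and {seen[port]} both use {port}")
            seen.setdefault(port, service)
        results[c["name"]] = (ports, findings)
    return results

# Constructed sample: a daemon set whose two overrides collide on one port.
SAMPLE = json.dumps({
    "kind": "DaemonSet",
    "spec": {"template": {"spec": {"containers": [{
        "name": "cpx",
        "image": "IMAGE-PLACEHOLDER",
        "env": [{"name": "KUBERNETES_TASK_ID", "value": ""},
                {"name": "NS_HTTP_PORT", "value": "8443"},
                {"name": "NS_HTTPS_PORT", "value": "8443"}]}]}}}})

if __name__ == "__main__":
    for name, (ports, findings) in audit(SAMPLE).items():
        print(name, ports, findings)
```

The returned port map is the set of host ports to restrict to the management network; a non-empty findings list means the overrides should be corrected before the manifest is deployed.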
